Creating Users and Roles programmatically in Saas-extension

user11921947 Vidya Member Posts: 44
edited Sep 13, 2016 4:07AM in Java Cloud Service

Hi,

We have a client requirement of creating users and roles programmatically using OPSS libraries. I have followed this Oracle documentation and some other code references in Oracle blogs: https://docs.oracle.com/cd/E17904_01/core.1111/e10043/devuserole.htm#JISEC2157

I have written code which is able to create a custom user from the local Integrated WebLogic Server but is unable to create the same when deployed in JCS-SX. I am getting this error in JCS-SX:

"java.security.AccessControlException: Type "oracle.security.idm.IdentityStoreService " not allowed  ".

Below are the steps we followed:

  1. Created a jspx page with firstname, lastname, email and password as input text fields and a submit button.
  2. Created a bean for the jspx with accessors for the input text fields and an ActionEvent for the submit button.
  3. Secured the jspx using ADF Security. Created an Enterprise role named FullAccess and assigned a user to it.
  4. In the ActionEvent, below is the code I'm using. It's working fine on the local Integrated WebLogic Server but giving an AccessControlException at the highlighted line:

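        // Classes used by this fragment:
        //   oracle.security.jps.JpsContext, JpsContextFactory, JpsException
        //   oracle.security.jps.service.idstore.IdentityStoreService
        //   oracle.security.idm.IdentityStore, IMException, Role, RoleManager,
        //     User, UserManager, UserProfile
        //   java.security.Principal
        try {
            // Obtain the default OPSS (JPS) context and its identity store service
            JpsContextFactory ctxf = JpsContextFactory.getContextFactory();
            JpsContext ctx = ctxf.getContext();
            IdentityStoreService storeService =
                ctx.getServiceInstance(IdentityStoreService.class);
            IdentityStore oidStore = storeService.getIdmStore();
            // idStore.getUserManager().authenticateUser(un,pwd.toCharArray());
            System.out.println(" identity store authenticated and connedted");

            // Create the user, using the first name as the login name
            UserManager um = oidStore.getUserManager();
            System.out.println(" creating user in idm ..." + um.isCreateUserSupported());
            um.createUser(getFirstName(), getPassWord().toCharArray());

            // Look the new user up again and fill in the profile attributes
            User user = oidStore.searchUser(getFirstName());
            UserProfile up = user.getUserProfile();
            up.setFirstName(getFirstName());
            up.setLastName(getLastName());
            up.setBusinessEmail(getEmail());
            up.setUserName(getFirstName());
            up.setDisplayName(getLastName() + ", " + getFirstName());

            // Grant the existing FullAccess enterprise role to the new user
            Principal userPrincipal = user.getPrincipal();
            RoleManager rm = oidStore.getRoleManager();
            // rm.createRole(getCustomRole());
            Role role =
                oidStore.searchRole(IdentityStore.SEARCH_BY_NAME, "FullAccess");
            rm.grantRole(role, userPrincipal);
            System.out.println(" user created   ");
        } catch (IMException e) {
            // Identity store operation failed (create, search or grant)
            System.out.println(" Excpection 1.." + e.getMessage());
        } catch (JpsException e) {
            // OPSS context or service lookup failed
            System.out.println(" Jps exception .." + e.getMessage());
        }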

  5. If I run the jspx locally, logging in with the FullAccess-assigned user, I am able to create a new user as well.
  6. If I run the jspx through the URL after deploying in Saas-JCx, I am able to log in; after giving values for first name, last name, email and password, on click of submit I get the error AccessControlException.

Can anyone please suggest whether LDAP information is required for creating users/roles using OPSS libraries, or whether there is an alternative mechanism to achieve the same?

Regards,

Vidya G

Answers

This discussion has been closed.